Checklist When Choosing a Host for Your Joomla Website

Many of your website’s critical security problems are eliminated when you choose an adequate hosting provider. But having a good host has other advantages as well. Your website will have an excellent uptime, will run smoothly, and will be easier to recover after a disaster.

1. Look for qualified Joomla hosting companies with experience in managing websites and with a solid reputation.
2. Ask specifically for hosting services for a Joomla website. Not all hosts offer services that meet the security requirements of Joomla websites. However, most of them do.
3. Avoid shared hosting. It should be your last resort, and only when your website doesn’t feature valuable personal data and you just have to do with a low hosting budget. If you’re an online business, shared hosting is simply too insecure to be a viable choice in the long run.
4. Look for a host that provides a money-back guarantee.
5. Don’t sign up a hosting contract for more than 1 year with a provider you haven’t dealt with before.
6. Don’t think that all hosts which offer ‘unlimited hosting’ are good for your website. Your choice provider should be able to showcase a portfolio with many clients to convince you to use its services, not only a good hosting offer.
7. Ask the provider about recovery strategies in case of disaster. If it cannot provide a clear overview of recovery strategies used look for another host.
8. Consider cloud hosting. Though it may be slightly more expensive in the short term, it is more economical in the long run. Besides, if you choose a reputed cloud hosting provider you’ll benefit from excellent security.

After picking your host, be careful about you server configuration. Avoid having Google index the results of phpinfo and don’t use unreliable settings like register_globals ON.

• If you use Apache, password protect your crucial files through the .htaccess file. Also, configure the default mod_security to increase security.
• If you use MySQL, set limited access.
• If you settle for PHP, use PHP5, not PHP4. The latter is insecure.